[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
(ITS#6251) GnuTLS cipher suite failure
Full_Name: Quanah Gibson-Mount
Version: 2.4.17
OS: Linux 2.6
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (75.111.29.239)
Debian bug: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=541256
OpenLDAP+gnutls worked fine for me for more than a year, but now I have
TLS problems again. It started on my unstable client when libnss-ldap
reported:
TLS: could not set cipher list TLS_RSA_AES_256_CBC_SHA1
Then I upgraded gnutls and ldap on my server from lenny to unstable and
now even slapd doesn't start:
TLS: could not set cipher list TLS_RSA_AES_256_CBC_SHA1.
main: TLS init def ctx failed: -1
If I comment out line which defines cipher:
TLSCipherSuite TLS_RSA_AES_256_CBC_SHA1
it works again.
$ gnutls-cli -l|grep TLS_RSA_AES_256_CBC_SHA1
TLS_RSA_AES_256_CBC_SHA1 0x00, 0x35 SSL3.0
...so I don't see why it shouldn't work.